diff options
author | Nicolas Boichat <drinkcat@google.com> | 2017-05-22 12:21:50 +0800 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2017-05-25 04:27:41 -0700 |
commit | 4fd6f23101d1f7aed89568e5f4cacb99b5ae4710 (patch) | |
tree | 39f9d61e29d1d19dc1b2dd7ae97e062bb0536f7b | |
parent | ccad39d1b871db0223e7c7b51a696c97461670d3 (diff) | |
download | chrome-ec-4fd6f23101d1f7aed89568e5f4cacb99b5ae4710.tar.gz |
hammer: Store secret in rollback block
Also, increase console task stack size, as adding entropy
requires 780 bytes of stack.
BRANCH=none
BUG=b:38486828
TEST=Flash hammer
rollbackinfo => 1 version 0 block, 1 empty block, RW verifies
correctly.
rollbackupdate 0; rollbackinfo => No change
rollbackupdate 1; reboot => RO refuses to jump to RW
rollbackinfo => Secret is [00..00] on both block (so the data
was copied correctly)
rollbackupdate 2, 3, 4; rollbackinfo => Writes alternate
between the 2 blocks.
rollbackupdate 2 => Refuses to downgrade version
TEST=From blank secret [00..00], 'rollbackaddent Hello' updates it
to [ba..fa], which matches the output of:
(dd if=/dev/zero bs=1 count=32; echo -n Hello) | sha256sum
Change-Id: If63346dfab0a28aa82a7b4c2e46ca89fde3eb990
Reviewed-on: https://chromium-review.googlesource.com/511986
Commit-Ready: Nicolas Boichat <drinkcat@chromium.org>
Tested-by: Nicolas Boichat <drinkcat@chromium.org>
Reviewed-by: Vincent Palatin <vpalatin@chromium.org>
-rw-r--r-- | board/hammer/board.h | 1 | ||||
-rw-r--r-- | board/hammer/ec.tasklist | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/board/hammer/board.h b/board/hammer/board.h index 654a01a5d4..a676797c21 100644 --- a/board/hammer/board.h +++ b/board/hammer/board.h @@ -187,6 +187,7 @@ * Add rollback protection, and independent RW region protection. */ #define CONFIG_ROLLBACK +#define CONFIG_ROLLBACK_SECRET_SIZE 32 #define CONFIG_FLASH_PROTECT_RW #ifdef SECTION_IS_RW #undef CONFIG_ROLLBACK_UPDATE diff --git a/board/hammer/ec.tasklist b/board/hammer/ec.tasklist index 89c42d3f05..8c7974cca8 100644 --- a/board/hammer/ec.tasklist +++ b/board/hammer/ec.tasklist @@ -20,5 +20,5 @@ TASK_ALWAYS_RO(RWSIG, rwsig_task, NULL, 1024) \ TASK_ALWAYS (HOOKS, hook_task, NULL, LARGER_TASK_STACK_SIZE) \ TASK_ALWAYS_RW(TOUCHPAD, elan_tp_task, NULL, TASK_STACK_SIZE) \ - TASK_ALWAYS (CONSOLE, console_task, NULL, LARGER_TASK_STACK_SIZE) \ + TASK_ALWAYS (CONSOLE, console_task, NULL, 1024) \ TASK_NOTEST_RW(KEYSCAN, keyboard_scan_task, NULL, TASK_STACK_SIZE) |